target audience: TECH BUYER Publication date: Mar 2024 - Document type: IDC Perspective - Doc Document number: # US51975024
The Implications of Security Tool Sprawl
Content
List of Figures
Get More
When you purchase this document, the purchase price can be applied to the cost of an annual subscription, giving you access to more research for your investment.
Related Links
Abstract
This IDC Perspective discusses the implications of security tool sprawl, which happens over time and creates a host of unanticipated security issues. It can make it harder to identify and mitigate security risks, increase alert fatigue, slow incident response, and increase overall costs. Fixing this problem requires discovering every security tool in use because missing even one security tool during discovery can cause major security problems. There is no single tool or method for ensuring that all security tools will be identified, so IDC recommends doubling or tripling up on discovery.
Addressing security tool sprawl also means identifying gaps and overlaps and then consolidating using security tool rationalization. One way many companies are choosing to consolidate security tools is by moving to a security platform approach.
Once the toolset is in good shape, implement new protocols for the future to keep things in sync.
"There is a tried-and-true colloquialism that says that you cannot protect what you cannot see," says Chris Kissel, vice president, Security and Trust at IDC. "The problem is that if there are too many tools in an organization, analysts are in a place where they suffer from technical debt trying to learn new dashboards, syntax, and procedures. Tool sprawl is yielding to tools consolidation. Inherently, this approach makes sense but we think tools consolidation has to be accompanied by rationalization and discovery capabilities."